Provides Parameters from CyberArk Conjur variables.
cyberark, conjur, secret, variable, parameter
In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property supports the NiFi Expression Language.
| Display Name | API Name | Default Value | Allowable Values | Description |
|---|---|---|---|---|
| Parameter Group Name | parameter-group-name | CyberArk Conjur | The name of the Parameter Group that will be fetched. This indicates the name of the Parameter Context that may receive the fetched Parameters. | |
| Variable Names | variable-names | By default all Variables are retreived that is available to the provided Account and mapped to Parameters. In NiFi, Parameters must not contain special characters like '/' but Conjur Variables usually do so. Variable names that contain '/' will have only the part after the last '/' as Parameter names. Optionally, a comma-separated list of Variable names can be defined to limit the scope of the Variables to be mapped to Parameters. In this case the name conversion is flexible and up to the user: 'conjur_variable_name:paramater_name' expression can be used. For example in the case of 'db/password:db_password' the 'db/password' Conjur Variable value will be fetched into the 'db_password' Parameter. Supports Expression Language: true (will be evaluated using variable registry only) | ||
| Web Client Service Provider | web-client-service-provider | Controller Service API: WebClientServiceProvider Implementation: StandardWebClientServiceProvider | Web Client Service Provider to use for Conjur REST API requests | |
| CyberArk Conjur Server URL | conjur-server-url | No Description Provided. Supports Expression Language: true (will be evaluated using variable registry only) | ||
| Account | conjur-account | Account under which Variables are stored in Conjur Supports Expression Language: true (will be evaluated using variable registry only) | ||
| Role Name | conjur-role-name | The name of the identity in Conjur that is allowed to fetch the specified Variables. Only the short name of the role is expected here not the full identifier. For example, with a Role identifier of 'account:user:UserName@Policy, the Role Name would be 'UserName'. Supports Expression Language: true (will be evaluated using variable registry only) | ||
| Role Type | conjur-role-type | host |
| The type of the Role |
| Policy ID | conjur-policy-id | The ID of the Policy in Conjur that governs the authorization of the Role to fetch the specified Variables Supports Expression Language: true (will be evaluated using variable registry only) | ||
| API Key | conjur-api-key | API Key for the Role Sensitive Property: true Supports Expression Language: true (will be evaluated using variable registry only) |